﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace btnet.pages
{
    public partial class edit_comment : CommonPage
    {
        protected bool use_fckeditor = false;
        protected int bugid;

        protected void Page_Load(object sender, EventArgs e)
        {

            Bug_Util.do_not_cache(Response);

            security = new Security();

            security.check_security(HttpContext.Current, Security.ANY_USER_OK_EXCEPT_GUEST);

            if (security.user.is_admin || security.user.can_edit_and_delete_posts)
            {
                //
            }
            else
            {
                Response.Write("You are not allowed to use this page.");
                Response.End();
            }

            titl.Text = Bug_Util.get_setting("AppTitle", "BugTracker.NET") + " - "
                + "edit comment";

            msg.InnerText = "";

            id = Convert.ToInt32(Request["id"]);

            if (!IsPostBack)
            {
                sql = @"select bp_comment, bp_type,
        isnull(bp_comment_search,bp_comment) bp_comment_search,
        isnull(bp_content_type,'') bp_content_type,
        bp_bug, bp_hidden_from_external_users
        from bug_posts where bp_id = $id";
            }
            else
            {
                sql = @"select bp_bug, bp_type,
        isnull(bp_content_type,'') bp_content_type,
        bp_hidden_from_external_users
        from bug_posts where bp_id = $id";
            }

            sql = sql.Replace("$id", Convert.ToString(id));
            DataRow dr = DbUtil.get_datarow(sql);

            bugid = (int)dr["bp_bug"];

            int permission_level = btnet.Bug.get_bug_permission_level(bugid, security);
            if (permission_level == Security.PERMISSION_NONE
            || permission_level == Security.PERMISSION_READONLY
            || (string)dr["bp_type"] != "comment")
            {
                Response.Write("You are not allowed to edit this item");
                Response.End();
            }

            string content_type = (string)dr["bp_content_type"];

            if (content_type == "text/html" && Bug_Util.get_setting("DisableFCKEditor", "0") == "0")
            {
                use_fckeditor = true;
            }
            else
            {
                use_fckeditor = false;
            }

            if (security.user.external_user || Bug_Util.get_setting("EnableInternalOnlyPosts", "0") == "0")
            {
                internal_only.Visible = false;
                internal_only_label.Visible = false;
            }

            if (!IsPostBack)
            {
                internal_only.Checked = Convert.ToBoolean((int)dr["bp_hidden_from_external_users"]);

                if (use_fckeditor)
                {
                    comment.Value = (string)dr["bp_comment"];
                }
                else
                {
                    comment.Value = (string)dr["bp_comment_search"];
                }
            }
            else
            {
                on_update();
            }

        }


        ///////////////////////////////////////////////////////////////////////
        protected Boolean validate()
        {

            Boolean good = true;

            if (comment.Value.Length == 0)
            {
                msg.InnerText = "Comment cannot be blank.";
                return false;
            }

            return good;
        }

        ///////////////////////////////////////////////////////////////////////
        protected void on_update()
        {

            Boolean good = validate();

            if (good)
            {

                sql = @"update bug_posts set
                    bp_comment = N'$cm',
                    bp_comment_search = N'$cs',
                    bp_content_type = N'$cn',
                    bp_hidden_from_external_users = $internal
                where bp_id = $id

                select bg_short_desc from bugs where bg_id = $bugid";

                if (use_fckeditor)
                {
                    string text = Bug_Util.strip_dangerous_tags(comment.Value);
                    sql = sql.Replace("$cm", text.Replace("'", "&#39;"));
                    sql = sql.Replace("$cs", Bug_Util.strip_html(comment.Value).Replace("'", "''"));
                    sql = sql.Replace("$cn", "text/html");
                }
                else
                {
                    // Oops! This is backwards, but don't change it now!
                    if (Bug_Util.get_setting("HtmlDecodeComment", "1") == "1")
                    {
                        sql = sql.Replace("$cm", comment.Value.Replace("'", "''"));
                    }
                    else
                    {
                        sql = sql.Replace("$cm", HttpUtility.HtmlDecode(comment.Value).Replace("'", "''"));
                    }
                    sql = sql.Replace("$cs", comment.Value.Replace("'", "''"));
                    sql = sql.Replace("$cn", "text/plain");
                }

                sql = sql.Replace("$id", Convert.ToString(id));
                sql = sql.Replace("$bugid", Convert.ToString(bugid));
                sql = sql.Replace("$internal", Bug_Util.bool_to_string(internal_only.Checked));
                DataRow dr = DbUtil.get_datarow(sql);

                // Don't send notifications for internal only comments.
                // We aren't putting them the email notifications because it that makes it
                // easier for them to accidently get forwarded to the "wrong" people...
                if (!internal_only.Checked)
                {
                    btnet.Bug.send_notifications(btnet.Bug.UPDATE, bugid, security);
                    btnet.WhatsNew.add_news(bugid, (string)dr["bg_short_desc"], "updated", security);
                }


                Response.Redirect("edit_bug.aspx?id=" + Request["bug_id"]);

            }

        }
    }
}
